<?php
if(empty($login_true)){
redirect('index.php?name=member&file=index');
}
?>

<TABLE WIDTH="750" BORDER="0" ALIGN="center" CELLPADDING="0" CELLSPACING="0">
    <TR>
        <TD width="10" vAlign=top></TD>
        <TD width="740" vAlign=top >
            &nbsp;&nbsp;<IMG SRC="images/menu/textmenu_member.gif" BORDER="0">
            <TABLE width="740" align=center cellSpacing=0 cellPadding=0 border=0>
                <TR><TD height="1" class="dotline" colspan="4"></TD></TR>
                <tr>
                    <td  colspan="4">&nbsp;&nbsp;<?php include "member_header.php" ; ?>
<?php

$ok = $_POST['ok'];
if(isset($ok)){
    $db->connectdb(DB_NAME,DB_USERNAME,DB_PASSWORD);

    //ระบบสมาชิกเสริม maxsite 1.10 พัฒนาโดย www.narongrit.net
    $old_pwd = sha1($_POST['old_pwd']);
    $new_pwd1 = $_POST['new_pwd1'];
    $new_pwd2 = $_POST['new_pwd2'];

    $sql = "select * from ".TB_MEMBER." where user = '$login_true' and password='$old_pwd'" ;
    $result = mysql_query($sql) ;
    $row = mysql_num_rows($result) ;
    if($row<=0){
        $status = "<center><font face='MS Sans Serif' size='3' color='red'><b>"._MEMBER_MOD_PASSWORD_NOACC."</b></font></center>" ;
        echo "<meta http-equiv='refresh' content='2'>" ;
        session_unregister("status");
    }
    else
    {
        if($new_pwd1==$new_pwd2){
            $sql = "update ".TB_MEMBER." set  password='".sha1($new_pwd1)."' where user = '".$login_true."'" ;
            $result .= mysql_query($sql) or die("ERR PROGRAME") ;
            if($result){
                $status = "<center><font face='MS Sans Serif' size='3' color='red'><b>"._MEMBER_MOD_CHPASSWORD_ACC."</b></font></center>";
                echo "<meta http-equiv='refresh' content='2; url =?name=member&file=member_detail'>" ;
                $res['admin'] = $db->select_query("SELECT id FROM ".TB_ADMIN." WHERE username='".$login_true."' ");
                $rows['admin'] = $db->rows($res['admin']);

                if($rows['admin']){
                    $db->update_db(TB_ADMIN,array(
                        "password"=>"".md5($new_pwd1).""
                    )," id='".$rows['admin']['id']."' ");
                }

            }
        }
        else
        {
            $status .= "<center><font face='MS Sans Serif' size='3' color='red'><b>"._MEMBER_MOD_CHPASSWORD_CONF."</b></font></center>";
            echo "<meta http-equiv='refresh' content='2'>" ;
        }
    }

    echo $status;
}
else
{
    ?>
    <P ALIGN="center">
        <STRONG>
            <u>
            <?=_MEMBER_MOD_CHPASSWORD_TITLE;?>
            </u><BR>
        </STRONG>
    </P>
    <P ALIGN="center"><?php echo $login_true ; ?></P>
    <FORM ACTION="" METHOD="post" NAME="checkForm" onSubmit="return check()">
        <TABLE WIDTH="100%" BORDER="0" ALIGN="center" CELLPADDING="2" CELLSPACING="1">
            <TR>
                <TD ALIGN="right"><STRONG><?=_MEMBER_MOD_CHPASSWORD_OLD_PASS;?></FONT></STRONG></TD>
                <TD>
                    <INPUT TYPE="password" NAME="old_pwd" value="" style="color: #FF0000">
                </TD>
            </TR>
            <TR>
                <TD ALIGN="right"><STRONG><?=_MEMBER_MOD_CHPASSWORD_NEW_PASS;?></FONT></STRONG></TD>
                <TD>
                    <INPUT TYPE="password" NAME="new_pwd1">
                </TD>
            </TR>
            <TR>
                <TD ALIGN="right"><STRONG><?=_MEMBER_MOD_CHPASSWORD_NEW_PASS_CONF;?></FONT></STRONG></TD>
                <TD>
                    <INPUT TYPE="password" NAME="new_pwd2">
                </TD>
            </TR>
            <TR>
                <TD ALIGN="right">&nbsp;</TD>
                <TD>
                    <INPUT TYPE="submit" NAME="Submit" VALUE="<?=_FORM_BUTTON_CONF;?>">
                    &nbsp;
                    <INPUT TYPE="reset" NAME="Submit2" VALUE="<?=_FORM_BUTTON_RESET;?>">
                    <INPUT NAME="ok" TYPE="hidden" ID="ok" VALUE="ok">
                </TD>
            </TR>
            <TR>
                <TD COLSPAN="2">&nbsp; </TD>
            </TR>
        </TABLE>

        <SCRIPT language = "javascript">
        function check(){
        var v1 = document.checkForm.old_pwd.value;
        var v2 = document.checkForm.new_pwd1.value;
        var v3 = document.checkForm.new_pwd2.value;

        if(v1.length==0){
        alert("<?echo _JAVA_FORM_CONF_OLDPASS;?>");
        document.checkForm.old_pwd.focus();
        return false ;
        }
        else if(v2.length==0){
        alert("<?echo _JAVA_FORM_CONF_NEWPASS;?>");
        document.checkForm.new_pwd1.focus();
        return false ;
        }
        else if(v3.length==0){
        alert("<?echo _JAVA_FORM_CONF_NEWPASS;?>");
        document.checkForm.new_pwd2.focus();
        return false ;
        }

        else 
        return true ;
        }
        </SCRIPT>
    </FORM>
    <?
}
?>
</TD>
</TR>
<TR>
<TD><BR><BR><BR></TD>
</TR>
<TR>
<TD CLASS="dotline"></TD>
<TD HEIGHT="1" CLASS="dotline"></TD>
</TR>
</TABLE>

<TD >
</TR>
</TABLE>
